CVE-2016-10380

Summary

In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Mobile, Snapdragon WearMDM9206, MDM9615, MDM9635M, MDM9640, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 800, SD 810, SD 820affected

Weaknesses

  • Information Exposure in LTE

ADP Enrichment

CVE Program Container

Additional References

References